From: Alexander Motin
Date: Fri, 20 Apr 2007 14:49:07 +0300
To: Nikos Vassiliadis
Cc: freebsd-net@freebsd.org, Tom McLaughlin
Subject: Re: net/mpd4: Unable to pass pass traffic as pptp client
Message-ID: <4628A8B3.2090900@mavhome.dp.ua>

Nikos Vassiliadis wrote:
>>pptp0: connecting to 208.206.3.5 1723
>>[vpn] IPCP: LayerUp
>> 172.30.29.9 -> 208.206.3.5
>
>>ifconfig
>>[root@bofh tom]# ifconfig ng0
>>ng0: flags=88d1 mtu 1396
>> inet 172.30.29.9 --> 208.206.3.5 netmask 0xffffffff
>
> It seems that your external peer address is the same as the internal
> peer address. You connect to pptp-server-ip through your linksys and
> then say that pptp-server-ip is reachable through the tunnel. So it
> routes everything destined for pptp-server-ip through the tunnel. I
> think that such configuration is valid for other operating systems.
> I don't know if you can work-around the problem on your own, maybe
> you have to contact the VPN concentrator's admin. Perhaps you can
> modify the routing table (the external peer address should be reachable
> as it was, through linksys) and invent some peer address using
> "ifconfig ng0 your_address 10.0.0.1 netmask 0xffffffff".
> But it's not nice...
>
> Can you convince the concentrator's administrator to use another
> address for his internal side?

It would be a better way. But if it is not possible you could use an
'ipfw fwd' rule to forward all of PPTP's GRE and controlling TCP packets
via the physical interface instead of the tunnel.

-- 
Alexander Motin
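
The 'ipfw fwd' workaround suggested above, sketched as an added example that is not part of the original message or of mpd: it prints rules that send the PPTP control connection (TCP 1723) and GRE for the server out through the LAN gateway rather than ng0. The gateway address 192.168.1.1, the rule numbers and the function names are assumptions, and the kernel must be built with `options IPFIREWALL_FORWARD`.

```sh
#!/bin/sh
# Added example: generate ipfw rules for the 'ipfw fwd' workaround.
# Assumed (not from the thread): gateway address, rule numbers, names.

# Return 0 if $1 is a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the rules instead of running them, so they can be reviewed first.
# usage: pptp_bypass_rules <pptp-server-ip> <lan-gateway-ip> [first-rule-no]
pptp_bypass_rules() {
    server=$1 gateway=$2 base=${3:-1000}
    is_ipv4 "$server" && is_ipv4 "$gateway" || {
        echo "usage: pptp_bypass_rules server-ip gateway-ip [rule-no]" >&2
        return 2
    }
    # Forwarding to the server itself would look it up via ng0 again,
    # which is the loop being avoided; the next hop must be the LAN router.
    [ "$server" != "$gateway" ] || {
        echo "gateway must differ from the PPTP server" >&2
        return 2
    }
    echo "ipfw add $base fwd $gateway tcp from me to $server 1723"
    echo "ipfw add $((base + 1)) fwd $gateway gre from me to $server"
}

# 208.206.3.5 is the server address from the thread; 192.168.1.1 is an
# assumed Linksys LAN address. Pipe the output to sh as root to apply it.
pptp_bypass_rules 208.206.3.5 192.168.1.1
```

The rule numbers must come before any rule that would otherwise accept the same packets, since ipfw stops at the first matching action.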